9/21/2006

Googling for ATM Master Passwords

Filed under: — By Aviran Mordo @ 7:07 pm

Using clues obtained from a YouTube video and a simple four-word Google search engine query, a criminal can find step-by-step instructions for how to hack into and take control of thousands of ATMs scattered around the United States.

Following up on a CNN report out of Virginia Beach, Va., that a man reprogrammed an ATM at a gas station to dispense $20 bills instead of $5 bills, a New York-based security researcher did some old-fashioned online sleuthing and discovered that the operator manual for that specific model of ATM could be legally obtained in about 15 minutes.

Dave Goldsmith, founder and president of penetration testing outfit Matasano Security, in New York, did not say how he obtained the operator manual—which contains master passwords and other sensitive security information about the cash-dispensing machines—but an eWEEK investigation shows that a simple Google query will return a 102-page PDF file that provides a road map to the hack.

Source: eWeek

 

Leave a Reply

You must have Javascript enabled in order to submit comments.

All fields are optional (except comment).
Some comments may be held for moderation (depends on spam filter) and not show up immediately.
Links will automatically get rel="nofollow" attribute to deter spammers.

Powered by WordPress